Key Characteristics of Cloud Computing Discussion

Question Description

Chapter 15

Q1: List and discuss the five key characteristics of cloud computing.

Chapter 17: Smallwood (2014) discussed that most records are useful for only a short time, but other records may need to be retained for longer periods of time.

Q2: What do organizations need to ensure to preserve records for longer periods or even permanently?

Please write a brief discussion with at least 250 words for each questions. APA format and provide references.

Unformatted Attachment Preview

INFORMATION GOVERNANCE Founded in 1807, John Wiley & Sons is the oldest independent publishing company in the United States. With offices in North America, Europe, Asia, and Australia, Wiley is globally committed to developing and marketing print and electronic products and services for our customers’ professional and personal knowledge and understanding. The Wiley CIO series provides information, tools, and insights to IT executives and managers. The products in this series cover a wide range of topics that supply strategic and implementation guidance on the latest technology trends, leadership, and emerging best practices. Titles in the Wiley CIO series include: The Agile Architecture Revolution: How Cloud Computing, REST-Based SOA, and Mobile Computing Are Changing Enterprise IT T by Jason Bloomberg Big Data, Big Analytics: Emerging Business Intelligence and Analytic Trends for Today’s Businesses by Michael Minelli, Michele Chambers, and Ambiga Dhiraj The Chief Information Officer’s Body of Knowledge: People, Process, and Technology by Dean Lane CIO Best Practices: Enabling Strategic Value with Information Technology (Second Edition) by Joe Stenzel, Randy Betancourt, Gary Cokins, Alyssa Farrell, Bill Flemming, Michael H. Hugos, Jonathan Hujsak, and Karl Schubert The CIO Playbook: Strategies and Best Practices for IT Leaders to Deliver Value by Nicholas R. Colisto Enterprise Performance Management Done Right: An Operating System for Your Organization by Ron Dimon Executive’s Guide to Virtual Worlds: How Avatars Are Transforming Your Business and Your Brandd by Lonnie Benson IT Leadership Manual: Roadmap to Becoming a Trusted Business Partnerr by Alan R. Guibord Managing Electronic Records: Methods, Best Practices, and Technologiess by Robert F. Smallwood On Top of the Cloud: How CIOs Leverage New Technologies to Drive Change and Build Value Across the Enterprise by Hunter Muller Straight to the Top: CIO Leadership in a Mobile, Social, and Cloud-based World (Second Edition) by Gregory S. Smith Strategic IT: Best Practices for Managers and Executivess by Arthur M. Langer and Lyle Yorks Transforming IT Culture: How to Use Social Intelligence, Human Factors, and Collaboration to Create an IT Department That Outperformss by Frank Wander Unleashing the Power of IT: Bringing People, Business, and Technology Together by Dan Roberts The U.S. Technology Skills Gap: What Every Technology Executive Must Know to Save America’s Future by Gary J. Beach Information Governance: Concepts, Strategies and Best Practicess by Robert F. Smallwood INFORMATION GOVERNANCE CONCEPTS, STRATEGIES AND BEST PRACTICES Robert F. Smallwood Cover image: © iStockphoto / IgorZh Cover design: Wiley Copyright © 2014 by Robert F. Smallwood. All rights reserved. Chapter 7 © 2014 by Barclay Blair Portions of Chapter 8 © 2014 by Randolph Kahn Published by John Wiley & Sons, Inc., Hoboken, New Jersey. Published simultaneously in Canada. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600, or on the Web at Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the publisher nor author shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages. For general information on our other products and services or for technical support, please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002. Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at For more information about Wiley products, visit Library of Congress Cataloging-in-Publication Data: Smallwood, Robert F., 1959Information governance : concepts, strategies, and best practices / Robert F. Smallwood. pages cm. — (Wiley CIO series) ISBN 978-1-118-21830-3 (cloth); ISBN 978-1-118-41949-6 (ebk); ISBN 978-1-118-42101-7 (ebk) 1. Information technology—Management. 2. Management information systems. 3. Electronic records—Management. I. Title. HD30.2.S617 2014 658.4’038—dc23 2013045072 Printed in the United States of America 10 9 8 7 6 5 4 3 2 1 For my sons and the next generation of tech-savvy managers CONTENTS PREFACE xv ACKNOWLEDGMENTS xvii PART ONE— Information Governance Concepts, Definitions, and Principles p 1 CH APT ER 1 The Onslaught of Big Data and the Information Governance Imperative 3 Defining Information Governance 5 IG Is Not a Project, But an Ongoing Program 7 Why IG Is Good Business 7 Failures in Information Governance 8 Form IG Policies, Then Apply Technology for Enforcement Notes 10 12 2 Information Governance, IT Governance, Data Governance: What’s the Difference? 15 CH APT ER Data Governance 15 IT Governance 17 Information Governance 20 Impact of a Successful IG Program Summing Up the Differences 20 21 Notes 22 CH APT ER 3 Information Governance Principles 25 Accountability Is Key 27 Generally Accepted Recordkeeping Principles® Contributed by Charmaine Brooks, CRM Assessment and Improvement Roadmap 27 34 Who Should Determine IG Policies? 35 Notes 38 PART TWO— Information Governance Risk Assessment and Strategic g Planning g CH APT ER 41 4 Information Risk Planning and Management 43 Step 1: Survey and Determine Legal and Regulatory Applicability and Requirements 43 vii viii CONTENTS Step 2: Specify IG Requirements to Achieve Compliance 46 Step 3: Create a Risk Profile 46 Step 4: Perform Risk Analysis and Assessment 48 Step 5: Develop an Information Risk Mitigation Plan 49 Step 6: Develop Metrics and Measure Results 50 Step 7: Execute Your Risk Mitigation Plan 50 Step 8: Audit the Information Risk Mitigation Program 51 Notes 51 5 Strategic Planning and Best Practices for Information Governance 53 CH APT ER Crucial Executive Sponsor Role 54 Evolving Role of the Executive Sponsor 55 Building Your IG Team 56 Assigning IG Team Roles and Responsibilities 56 Align Your IG Plan with Organizational Strategic Plans 57 Survey and Evaluate External Factors 58 Formulating the IG Strategic Plan 65 Notes 69 CH APT ER 6 Information Governance Policy Development 71 A Brief Review of Generally Accepted Recordkeeping Principles® 71 IG Reference Model 72 Best Practices Considerations 75 Standards Considerations 76 Benefits and Risks of Standards 76 Key Standards Relevant to IG Efforts 77 Major National and Regional ERM Standards 81 Making Your Best Practices and Standards Selections to Inform Your IG Framework 87 Roles and Responsibilities 88 Program Communications and Training 89 Program Controls, Monitoring, Auditing and Enforcement Notes PART THREE— Information Governance Key Impact p Areas Based on the IG Reference Model CH APT ER 89 91 95 7 Business Considerations for a Successful IG Program 97 By Barclay T. Blair Changing Information Environment 97 CONTENTS ix Calculating Information Costs 99 Big Data Opportunities and Challenges 100 Full Cost Accounting for Information 101 Calculating the Cost of Owning Unstructured Information 102 The Path to Information Value Challenging the Culture New Information Models 105 107 107 Future State: What Will the IG-Enabled Organization Look Like? 110 Moving Forward Notes CH APT ER 111 113 8 Information Governance and Legal Functions 115 By Robert Smallwood with Randy Kahn, Esq., and Barry Murphy Introduction to e-Discovery: The Revised 2006 Federal Rules of Civil Procedure Changed Everything 115 Big Data Impact 117 More Details on the Revised FRCP Rules 117 Landmark E-Discovery Case: Zubulake v. UBS Warburg 119 E-Discovery Techniques 119 E-Discovery Reference Model 119 The Intersection of IG and E-Discovery By Barry Murphy 122 Building on Legal Hold Programs to Launch Defensible Disposition 125 By Barry Murphy Destructive Retention of E-Mail 126 Newer Technologies That Can Assist in E-Discovery 126 Defensible Disposal: The Only Real Way To Manage Terabytes and Petabytes By Randy Kahn, Esq. Retention Policies and Schedules 137 By Robert Smallwood, edited by Paula Lederman, MLS Notes 144 9 Information Governance and Records and Information Management Functions 147 CH APT ER Records Management Business Rationale 149 Why Is Records Management So Challenging? 150 Benefits of Electronic Records Management Additional Intangible Benefits 152 153 Inventorying E-Records 154 Generally Accepted Recordkeeping Principles® E-Records Inventory Challenges 155 155 130 x CONTENTS Records Inventory Purposes 156 Records Inventorying Steps 157 Ensuring Adoption and Compliance of RM Policy 168 General Principles of a Retention Scheduling 169 Developing a Records Retention Schedule 170 Why Are Retention Schedules Needed? 171 What Records Do You Have to Schedule? Inventory and Classification 173 Rationale for Records Groupings 174 Records Series Identification and Classification Retention of E-Mail Records 174 175 How Long Should You Keep Old E-Mails? Destructive Retention of E-Mail 176 177 Legal Requirements and Compliance Research 178 Event-Based Retention Scheduling for Disposition of E-Records 179 Prerequisites for Event-Based Disposition 180 Final Disposition and Closure Criteria 181 Retaining Transitory Records 182 Implementation of the Retention Schedule and Disposal of Records 182 Ongoing Maintenance of the Retention Schedule 183 Audit to Manage Compliance with the Retention Schedule 183 Notes 186 10 Information Governance and Information Technology Functions 189 CH APT ER Data Governance 191 Steps to Governing Data Effectively 192 Data Governance Framework 193 Information Management 194 IT Governance 196 IG Best Practices for Database Security and Compliance 202 Tying It All Together Notes 204 205 11 Information Governance and Privacy and Security Functions 207 CH APT ER Cyberattacks Proliferate 207 Insider Threat: Malicious or Not Privacy Laws 208 210 Defense in Depth 212 Controlling Access Using Identity Access Management 212 Enforcing IG: Protect Files with Rules and Permissions 213 CONTENTS xi Challenge of Securing Confidential E-Documents 213 Apply Better Technology for Better Enforcement in the Extended Enterprise 215 E-Mail Encryption 217 Secure Communications Using Record-Free E-Mail 217 Digital Signatures 218 Document Encryption 219 Data Loss Prevention (DLP) Technology 220 Missing Piece: Information Rights Management (IRM) 222 Embedded Protection 226 Hybrid Approach: Combining DLP and IRM Technologies Securing Trade Secrets after Layoffs and Terminations 227 228 Persistently Protecting Blueprints and CAD Documents 228 Securing Internal Price Lists 229 Approaches for Securing Data Once It Leaves the Organization 230 Document Labeling 231 Document Analytics 232 Confidential Stream Messaging 233 Notes 236 PART FOUR— Information Governance for Deliveryy Platforms CH APT ER 239 12 Information Governance for E-Mail and Instant Messaging 241 Employees Regularly Expose Organizations to E-Mail Risk 242 E-Mail Polices Should Be Realistic and Technology Agnostic 243 E-Record Retention: Fundamentally a Legal Issue 243 Preserve E-Mail Integrity and Admissibility with Automatic Archiving 244 Instant Messaging 247 Best Practices for Business IM Use 247 Technology to Monitor IM Tips for Safer IM Notes CH APT ER 249 249 251 13 Information Governance for Social Media 253 By Patricia Franks, Ph.D, CRM, and Robert Smallwood Types of Social Media in Web 2.0 253 Additional Social Media Categories 255 Social Media in the Enterprise 256 Key Ways Social Media Is Different from E-Mail and Instant Messaging 257 Biggest Risks of Social Media 257 Legal Risks of Social Media Posts 259 xii CONTENTS Tools to Archive Social Media 261 IG Considerations for Social Media 262 Key Social Media Policy Guidelines 263 Records Management and Litigation Considerations for Social Media 264 Emerging Best Practices for Managing Social Media Records 267 Notes CH APT ER 269 14 Information Governance for Mobile Devices 271 Current Trends in Mobile Computing 273 Security Risks of Mobile Computing 274 Securing Mobile Data 274 Mobile Device Management IG for Mobile Computing 275 276 Building Security into Mobile Applications 277 Best Practices to Secure Mobile Applications 280 Developing Mobile Device Policies 281 Notes 283 CH APT ER 15 Information Governance for Cloud Computing 285 By Monica Crocker CRM, PMP, CIP, and Robert Smallwood Defining Cloud Computing 286 Key Characteristics of Cloud Computing 287 What Cloud Computing Really Means Cloud Deployment Models 288 289 Security Threats with Cloud Computing 290 Benefits of the Cloud 298 Managing Documents and Records in the Cloud 299 IG Guidelines for Cloud Computing Solutions 300 Notes CH APT ER 301 16 SharePoint Information Governance 303 By Monica Crocker, CRM, PMP, CIP, edited by Robert Smallwood Process Change, People Change 304 Where to Begin the Planning Process 306 Policy Considerations 310 Roles and Responsibilities 311 Establish Processes 312 Training Plan 313 Communication Plan 313 Note 314 CONTENTS xiii PART FIVE— Long-Term g Program g Issues CH APT ER 315 17 Long-Term Digital Preservation 317 By Charles M. Dollar and Lori J. Ashley Defining Long-Term Digital Preservation 317 Key Factors in Long-Term Digital Preservation Threats to Preserving Records 320 Digital Preservation Standards 321 318 PREMIS Preservation Metadata Standard 328 Recommended Open Standard Technology-Neutral Formats 329 Digital Preservation Requirements 333 Long-Term Digital Preservation Capability Maturity Model® 334 Scope of the Capability Maturity Model 336 Digital Preservation Capability Performance Metrics 341 Digital Preservation Strategies and Techniques 341 Evolving Marketplace Looking Forward Notes 344 344 346 18 Maintaining an Information Governance Program and Culture of Compliance 349 CH APT ER Monitoring and Accountability 349 Staffing Continuity Plan 350 Continuous Process Improvement 351 Why Continuous Improvement Is Needed 351 Notes 353 A Information Organization and Classification: Taxonomies and Metadata 355 APPEN DI X By Barb Blackburn, CRM, with Robert Smallwood; edited by Seth Earley Importance of Navigation and Classification 357 When Is a New Taxonomy Needed? 358 Taxonomies Improve Search Results 358 Metadata and Taxonomy 359 Metadata Governance, Standards, and Strategies 360 Types of Metadata 362 Core Metadata Issues 363 International Metadata Standards and Guidance 364 Records Grouping Rationale 368 Business Classification Scheme, File Plans, and Taxonomy Classification and Taxonomy 369 368 xiv CONTENTS Prebuilt versus Custom Taxonomies 370 Thesaurus Use in Taxonomies 371 Taxonomy Types 371 Business Process Analysis 377 Taxonomy Testing: A Necessary Step Taxonomy Maintenance 379 380 Social Tagging and Folksonomies 381 Notes 383 B Laws and Major Regulations Related to Records Management 385 APPEN DI X United States 385 Canada 387 By Ken Chasse, J.D., LL.M. United Kingdom 389 Australia 391 Notes 394 C Laws and Major Regulations Related to Privacy 397 APPEN DI X United States 397 Major Privacy Laws Worldwide, by Country Notes GLOSSARY 400 401 ABOUT THE AUTHOR 417 ABOUT THE MAJOR CONTRIBUTORS 419 INDEX 421 398 PREFACE I nformation governance (IG) has emerged as a key concern for business executives and managers in today’s environment of Big Data, increasing information risks, colossal leaks, and greater compliance and legal demands. But few seem to have a clear understanding of what IG is; that is, how you define what it is and is not, and how to implement it. This book clarifies and codifies these definitions and provides key insights as to how to implement and gain value from IG programs. Based on exhaustive research, and with the contributions of a number of industry pioneers and experts, this book lays out IG as a complete discipline in and of itself for the first time. IG is a super-discipline that includes components of several key fields: law, records management, information technology (IT), risk management, privacy and security, and business operations. This unique blend calls for a new breed of information professional who is competent across these established and quite complex fields. Training and education are key to IG success, and this book provides the essential underpinning for organizations to train a new generation of IG professionals. Those who are practicing professionals in the component fields of IG will find the book useful in expanding their knowledge from traditional fields to the emerging tenets of IG. Attorneys, records and compliance managers, risk managers, IT managers, and security and privacy professionals will find this book a particularly valuable resource. The book strives to offer clear IG concepts, actionable strategies, and proven best practices in an understandable and digestible way; a concerted effort was made to simplify language and to offer examples. There are summaries of key points throughout and at the end of each chapter to help the reader retain major points. The text is organized into five parts: (1) Information Governance Concepts, Definitions, and Principles; (2) IG Risk Assessment and Strategic Planning; (3) IG Key Impact Areas; (4) IG for Delivery Platforms; and (5) Long-Term Program Issues. Also included are appendices with detailed information on taxonomy and metadata design and on records management and privacy legislation. One thing that is sure is that the complex field of IG is evolving. It will continue to change and solidify. But help is here: No other book offers the kind of comprehensive coverage of IG contained within these pages. Leveraging the critical advice provided here will smooth your path to understanding and implementing successful IG programs. Robert F. Smallwood xv ACKNOWLEDGMENTS I would like to sincerely thank my colleagues for their support and generous contribution of their expertise and time, which made this pioneering text possible. Many thanks to Lori Ashley, Barb Blackburn, Barclay Blair, Charmaine Brooks, Ken Chasse, Monica Crocker, Charles M. Dollar, Seth Earley, Dr. Patricia Franks, Randy Kahn, Paula Lederman, and Barry Murphy. I am truly honored to include their work and owe them a great debt of gratitude. xvii PART ONE Information Govern …
Purchase answer to see full attachment

Place this order or similar order and get an amazing discount. USE Discount code “GET20” for 20% discount